my $self = shift;
my $password = shift;
+ my $cust_main = $self->cust_main;
+
+ # workaround for non-inserted services
+ if ( !$cust_main and $self->get('pkgnum') ) {
+ my $cust_pkg = FS::cust_pkg->by_key($self->get('pkgnum'));
+ $cust_main = $cust_pkg->cust_main if $cust_pkg;
+ }
+ warn "is_password_allowed: no customer could be identified" if !$cust_main;
+ return '' if $cust_main && $conf->config_bool('password-insecure', $cust_main->agentnum);
+
# basic checks using Data::Password;
# options for Data::Password
$DICTIONARY = 4; # minimum length of disallowed words
<INPUT TYPE="text" ID="clear_password" NAME="clear_password" VALUE="<% $password %>" SIZE=<% $pmax2 %> MAXLENGTH=<% $pmax %>>
<& /elements/random_pass.html, 'clear_password' &><BR>
<DIV ID="clear_password_result" STYLE="font-size: smaller"></DIV>
- <& '/elements/validate_password.html',
- 'fieldid' => 'clear_password',
- 'svcnum' => $svcnum
+ <& /elements/validate_password.html,
+ 'fieldid' => 'clear_password',
+ 'svcnum' => $svcnum ,
+ 'pkgnum' => $pkgnum,
&>
</TD>
</TR>
<INPUT ID="password_field" TYPE="text">
<DIV ID="password_field_result">
<& '/elements/validate_password.html',
- fieldid => 'password_field',
- svcnum => $svcnum
+ fieldid => 'password_field',
+ svcnum => $svcnum,
+ pkgnum => $pkgnum, # used if the service doesn't exist yet
&>
The ID of the input field can be anything; the ID of the DIV in which to display results
var resultfield = document.getElementById(fieldid);
if (this.value) {
resultfield.innerHTML = '<SPAN STYLE="color: blue;">Validating password...</SPAN>';
- validate_password('fieldid',fieldid,'svcnum','<% $opt{'svcnum'} %>','password',this.value,
+ validate_password('fieldid',fieldid,
+ 'svcnum',<% $opt{'svcnum'} |js_string %>,
+ 'pkgnum',<% $opt{'pkgnum'} |js_string %>,
+ 'password',this.value,
function (result) {
result = JSON.parse(result);
var resultfield = document.getElementById(result.fieldid);
<%doc>
-Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is only
-acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise create an
-empty dummy svc_acct) and 'fieldid' (for html post-processing, passed along in
-results for convenience.)
-
-Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is valid),
-'error' (error text if password is invalid) or 'syserror' (error text if password
-could not be validated.) Only one of these keys will be set. Will also set
-'fieldid' if it was passed.
+Requires cgi params 'password' (plaintext) and 'sub' ('validate_password' is
+only acceptable value.) Also accepts 'svcnum' (for svc_acct, will otherwise
+create an empty dummy svc_acct), 'pkgnum' (for when the svc_acct isn't yet
+inserted), and 'fieldid' (for html post-processing, passed along in results
+for convenience.)
+
+Returns a json-encoded hashref with keys of 'valid' (set to 1 if object is
+valid), 'error' (error text if password is invalid) or 'syserror' (error text
+if password could not be validated.) Only one of these keys will be set.
+Will also set 'fieldid' if it was passed.
</%doc>
<% encode_json($result) %>
$result{'syserror'} = 'Invalid svcnum' unless $svcnum =~ /^\d*$/;
return \%result if $result{'syserror'};
+ my $pkgnum = $arg{'pkgnum'};
+ $result{'syserror'} = 'Invalid pkgnum' unless $pkgnum =~ /^\d*$/;
+ return \%result if $result{'syserror'};
+
my $svc_acct = $svcnum
? qsearchs('svc_acct',{'svcnum' => $svcnum})
- : (new FS::svc_acct {});
+ : FS::svc_acct->new({ 'pkgnum' => $pkgnum });
$result{'syserror'} = 'Could not find service' unless $svc_acct;
return \%result if $result{'syserror'};
projects / freeside.git / commitdiff